Astra Linux - уязвимость в pyxdg

A code injection issue was discovered in PyXDG before version 0.26, through crafted Python code within a Category element of a Menu XML document in a .menu file. The XDGCONFIGDIRS setting must be configured to trigger the xdg.Menu.parse parsing within the directory containing this file. This issu...

EUVD-2019-0119

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-12761

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDGCONFIGDIRS...

RHEL 8 : pyxdg (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - pyxdg: code injection via crafted python code CVE-2019-12761 Note that Nessus has not tested for this issue but has...

SUSE CVE-2019-12761

A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDGCONFIGDIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in...

SUSE: Security Advisory (SUSE-SU-2022:2997-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : python-pyxdg (SUSE-SU-2022:2997-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2997-1 advisory. - A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu...

SUSE-SU-2022:2997-1 Security update for python-pyxdg

This update for python-pyxdg fixes the following issues: - CVE-2019-12761: Fixed a code injection issue in Category elements of a Menu XML bsc1137627...

new packages: pyxdg

An update is available for pyxdg. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...

GHSA-7372-Q459-JXHR pyxdg Arbitrary File Overwrite via Race Condition

Race condition in the xdg.BaseDirectory.getruntimedir function in pyxdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then replacing it with a symlink to an attacker-controlled location once the...

pyxdg Arbitrary File Overwrite via Race Condition

Race condition in the xdg.BaseDirectory.getruntimedir function in pyxdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then replacing it with a symlink to an attacker-controlled location once the...

Debian: Security Advisory (DLA-2727-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2727-1] pyxdg security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2727-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb August 03, 2021 https://wiki.debian.org/LTS -...

DLA-2727-1 pyxdg - security update

Bulletin has no description...

Debian DLA-2727-1 : pyxdg - LTS security update

The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2727 advisory. It was discovered that there was a code injection issue in PyXDG, a library used to locate freedesktop.org configuration/cache/etc. directories. CVE-2019-12761 A code...

Ubuntu: Security Advisory (USN-4700-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4700-1: PyXDG vulnerability

Alexandre D'Hondt discovered that PyXDG did not properly sanitize input. An attacker could exploit this with a crafted .menu file to execute arbitrary code...

USN-4700-1 pyxdg vulnerability

Alexandre D'Hondt discovered that PyXDG did not properly sanitize input. An attacker could exploit this with a crafted .menu file to execute arbitrary code...

Ubuntu 16.04 LTS / 18.04 LTS : PyXDG vulnerability (USN-4700-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4700-1 advisory. Alexandre D'Hondt discovered that PyXDG did not properly sanitize input. An attacker could exploit this with a crafted .menu file to execute arbitrary...

SUSE-RU-2019:2505-1 Recommended update for python-jmespath, python-jsonschema, python-paramiko, python-pexpect, python-pip, python-ply, python-pretend, python-process-tests, python-pycodestyle, python-pyflakes, python-pyxdg, python-tabulate, python-vcversioner

This update for python-jmespath, python-jsonschema, python-paramiko, python-pexpect, python-pip, python-ply, python-pretend, python-process-tests, python-pycodestyle, python-pyflakes, python-pyxdg, python-tabulate, python-vcversioner fixes the following issues: python-pip was updated to 10.0.1...